Free tools and resources for Data Protection Officers!

Tag Archives for " GDPR "

ICO publishes International Strategy to help protect UK public’s personal information in a global environment

The ICO has published its first ever International Strategy to help it meet overseas data protection challenges including increased globalism, changing technology, GDPR and Brexit.

Source: ICO publishes International Strategy to help protect UK public’s personal information in a global environment | ICO

Compensation for Breach of the General Data Protection Regulation

This paper looks at Article 82(1) of the General Data Protection Regulation (GDPR) providing data subjects with rights to compensation for infringement of their rights under GDPR, and compares it with compensation provisions in other EU Regulations and Directives and with the caselaw of the CJEU on those provisions.

Source: Compensation for Breach of the General Data Protection Regulation by Eoin O’Dell :: SSRN

Could Canada lose its adequacy standing?

The world has changed a lot since the European Commission gave Canada its “adequacy” standing in 2001, determining the Personal Information Protection and Electronic Documents Act, commonly known as PIPEDA, properly protects personal data transferred from the EU to Canada.

Source: Could Canada lose its adequacy standing?

Let’s sort out this profiling and consent debate once and for all.

In a post last week , I said that “ There’s a perpetuated misconception that all profiling needs consent. It doesn’t, end of. ” Since this seems to have been an area of much confusion under the GDPR, I thought it worth taking the time to elaborate on this point.

Source: Let’s sort out this profiling and consent debate once and for all.

EU privacy seal providers eagerly await official GDPR guidance

There should ideally be a pan-European accreditation for “privacy seal” providers when the General Data Protection Regulation comes into effect, one such provider, EuroPriSe, has argued. Articles 42 and 43 of the GDPR introduce official recognition for “certification bodies” that issue seals and marks to companies, so that they can demonstrate their adherence to EU privacy standards.

Source: EU privacy seal providers eagerly await official GDPR guidance

Belgian DPA publishes recommendation on GDPR record keeping obligation

End of last week, the Belgian Data Protection Authority published a recommendation on the records of processing activities. The full text of the Recommendation is available in French and Dutch on the website of the Privacy Commission.

Source: Belgian DPA publishes recommendation on GDPR record keeping obligation

Auto industry must prepare for 2018 data protection changes

The automotive industry must start planning and preparing for the General Data Protection Regulation (GDPR), which comes into force on 25th May 2018. The GDPR will affect all retailers and manufacturers who collect, store and process customer data – e.g. for promoting deals, sending MOT or service reminders or selling new products.

Source: Auto industry must prepare for 2018 data protection changes – Car Care Plan

The case of the unsolicited email

Privacy and data protection issues do not present themselves in any particular order, so when starting out as a data protection officer, one has to be able to address the most pressing privacy issues “on the fly” while simultaneously moving methodically through a GDPR-readiness program.

Source: The case of the unsolicited email

>